Accepted imagemagick 8:6.9.7.4+dfsg-11+deb9u2 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 07 Aug 2017 22:24:41 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u2 Distribution: stretch-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 867778 868950 869210 869712 869713 869715 869728 869827 869830 869834 870012 870014 870065 870067 870105 870106 870109 870111 870116 870119 870491 870526 Changes: imagemagick (8:6.9.7.4+dfsg-11+deb9u2) stretch-security; urgency=high . * Avoid unbounded loop in pwp coder (Closes: #870526) * Fix memory exhaustion in PCX coder (Closes: #870491) * Fix double free in RelinquishMagickMemory (Closes: #870119) * coders/png.c: Memory leak Fix Issue 600 (Closes: #870116) * Fix hard lock in LockSemaphoreInfo after reading a png with width==MAGICK_WIDTH_LIMIT (Closes: #870111) * Fix out-of-bounds read with the MNG CLIP chunk. (Closes: #870109) * Fix heap buffer overflow in ReadOneMNGImage (Closes: #870106) * Detect corrupted png early and avoid a crash (Closes: #870105) * CVE-2017-11640 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c. (Closes: #870067) * CVE-2017-11639 When ImageMagick processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h. (Closes: #870065) * Fix assertion failed in DestroyImageInfo
Accepted imagemagick 8:6.8.9.9-5+deb8u10 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 15 Jul 2017 10:32:14 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u10 Distribution: jessie-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 863126 863833 863834 864087 864089 864273 864274 867367 867721 867778 867798 867806 867808 867810 867811 867812 867821 867823 867824 867825 867826 867893 867894 867896 867897 868184 868264 Changes: imagemagick (8:6.8.9.9-5+deb8u10) jessie-security; urgency=high . * Fix security bugs: + Previous CVE-2017-9144 fix was incomplete. A crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c (Closes: #863126) + CVE-2017-10928: A heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. (Closes: #867367). + CVE-2017-9500: An assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file. (Closes: #867778). + CVE-2017-9501: An assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. (Closes: #867721). + CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file. (Closes: 864273). + CVE-2017-9439: A memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file. (Closes: #864274). + CVE-2017-11188: CPU exhaustion in ReadDPXImage Because dpx.file.image_offset is a unsigned int, it can be controlled as large as 4294967295. This will cause ImageMagick spend a lot of time to process a crafted DPX imagefile, even if the imagefile is very small. (Closes: #867806) + CVE-2017-11141: memory exhaustion in ReadMATImage When identify MAT file, imagemagick will allocate memory to store data in function ReadMATImage. Modifying MAT's MATLAB_HDR field can cause ImageMagick to allocate a anysize amount of memory, this may cause a memory exhaustion (Closes: #868264) + CVE-2017-11170: memory exhaustion in ReadTGAImage When identify VST file, imagemagick will allocate memory to store data in function ReadTGA
Accepted imagemagick 8:6.9.7.4+dfsg-11+deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 14 Jul 2017 15:56:50 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u1 Distribution: stretch-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 863126 864273 864274 867367 867721 867778 867798 867806 867808 867810 867811 867812 867821 867823 867824 867825 867826 867893 867894 867896 867897 868184 868264 Changes: imagemagick (8:6.9.7.4+dfsg-11+deb9u1) stretch-security; urgency=high . * Fix security bugs: + Previous CVE-2017-9144 fix was incomplete. A crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c (Closes: #863126) + CVE-2017-10928: A heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. (Closes: #867367). + CVE-2017-9500: An assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file. (Closes: #867778). + CVE-2017-9501: An assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. (Closes: #867721). + CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c
Accepted imagemagick 8:6.8.9.9-5+deb8u9 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 05 May 2017 11:47:25 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u9 Distribution: jessie-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 859769 859771 859772 860734 860736 862572 862573 862574 862575 862577 862578 862579 862587 862589 862590 862632 862633 862634 862635 862636 862637 862653 862967 863123 863124 863125 863126 Changes: imagemagick (8:6.8.9.9-5+deb8u9) jessie-security; urgency=high . * Security fixes various: + CVE-2017-7606: Undefined behavior in rle (Closes: #859771). + CVE-2017-7619: Infinite loop due to rounding error (Closes: #859769). + CVE-2017-7941 memory leak in sgi (Closes: #860734). + CVE-2017-7943 memory leak in svg (Closes: #860736). * Security fixes DOS: + Fix CVE-2017-8343: The ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862572). + Fix CVE-2017-8344: Fix DOS in PCX file coders. (Closes: #862574). + Fix CVE-2017-8345: The ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862573) + Fix CVE-2017-8346: The ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862575). + Fix CVE-2017-8347: Fix DOS in EXR file coders. (Closes: #862577). + Fix CVE-2017-8348: Fix DOS in MAT file coders. (Closes: #862578). + Fix CVE-2017-8349: Fix DOS in SWF file coders. (Closes: #862579). + Fix CVE-2017-8350: Fix DOS in png file coders. (Closes: #862587). + Fix CVE-2017-8351: Fix DOS in pcd file coders. (Closes: #862589). + Fix CVE-2017-8352: Fix DOS in xwd file coders. (Closes: #862590). + Fix CVE-2017-8353: Fix DOS in pict file coders. (Closes: #862632). + Fix CVE-2017-8354: Fix DOS in bmp file coders. (Closes: #862633). + Fix CVE-2017-8355: Fix DOS in mtv file coders. (Closes: #862634). + Fix CVE-2017-8356: Fix DOS in sun file coders. (Closes: #862635). + Fix CVE-2017-8357: Fix DOS in ept file coders. (Closes: #862636). + Fix CVE-2017-8765: Fix DOS in icon file coders. (Closes: #862653). + Fix CVE-2017-8830: Fix DOS in bmp file coders. (Closes: #862637). * Security fixes assertion failure and memory leaks: + Check for EOF conditions for RLE image format. (Closes: #863126). Fix CVE-2017-9144. + A crafted file revealed an assertion failure in blob.c. (Closes: #863125). Fix CVE-2017-9142. + A crafted file revealed an assertion failure in profile.c. (Closes: #863124). Fix CVE-2017-9142. + Specially crafted arts file could lead to memory leak
Accepted imagemagick 8:6.8.9.9-5+deb8u8 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 11 Mar 2017 16:11:35 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u8 Distribution: jessie-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 844594 856878 856879 856880 856881 856882 857426 Changes: imagemagick (8:6.8.9.9-5+deb8u8) jessie-security; urgency=high . * Fix a few security bugs: + Assertion failure in TGA coder (Closes: #856878). Fix CVE-2017-6498. + Out of bound in sun file coder (Closes: #856879). Fix CVE-2017-6500. + Memory leak in libmagick++ library (Closes: #856880). Fix CVE-2017-6499. + Missing null pointer check in xcf coder (Closes: #856881) and psd coder (Closes: #856882). Fix CVE-2017-6501 and CVE-2017-6497. + Fix a memory leak in options handler (Closes: #857426, LP: #1671630) * Fix a regression in jessie, Fix artefacts running -sharpen on CMYK images (Closes: #844594). Checksums-Sha1: ebc79928011b10edc9aa7a76913269ec9558368d 4242 imagemagick_6.8.9.9-5+deb8u8.dsc 128a6fec660880aaf593f659626cce8052068a7c 264408 imagemagick_6.8.9.9-5+deb8u8.debian.tar.xz babce18305d6481966a729ac81c90c2e8c1e85b1 151594 imagemagick-common_6.8.9.9-5+deb8u8_all.deb cf72b9bbba0deae32dcc40bceea72d95afc8ed8a 7540490 imagemagick-doc_6.8.9.9-5+deb8u8_all.deb 74d017327e01e43a3ad12983cf6a6c04ebd6ce14 170042 libmagickcore-6-headers_6.8.9.9-5+deb8u8_all.deb 7697fc551ee90b0baa618251e84abce2ebf0ffdf 132220 libmagickwand-6-headers_6.8.9.9-5+deb8u8_all.deb 794df2cd8a71269de7c4c5dc8fe18180eab3d7b0 168708 libmagick++-6-headers_6.8.9.9-5+deb8u8_all.deb 142ae096fa868af75a98cf89aaa11e074bf21a07 156998 imagemagick_6.8.9.9-5+deb8u8_amd64.deb 6c7825ff6a4a4079158e7da580743c4850588dd4 176206 libimage-magick-perl_6.8.9.9-5+deb8u8_all.deb 42f6b18c44aa83ff4dfc7c5c9c89ce2cb1c91502 131006 libmagickcore-6-arch-config_6.8.9.9-5+deb8u8_amd64.deb b65aab852f04061f7a1d0dc2c2441859e712e0f9 510238 imagemagick-6.q16_6.8.9.9-5+deb8u8_amd64.deb 072f1227bec6799efbfbaab25cd32d588c5bfaa8 1693726 libmagickcore-6.q16-2_6.8.9.9-5+deb8u8_amd64.deb 96e7fd1c7df910e7b4ad71c7aac3bcc7d64e72b9 172456 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u8_amd64.deb 22c43594c10262ad8a2f60cd8b90ff4bce98f005 1029318 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u8_amd64.deb e1a34affd1e877568cecb20ae9581ee14f6744fa 405940 libmagickwand-6.q16-2_6.8.9.9-5+deb8u8_amd64.deb 3dcd692e119e1a3142db2943b55452d93fb473e9 393424 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u8_amd64.deb 1a0d68ad586bf01704249b43df870bc9a54b20eb 257702 libmagick++-6.q16-5_6.8.9.9-5+deb8u8_amd64.deb 7ad982fd131b64a410ed4d62fe807af5f1a45af8 224100 libmagick++-6.q16-dev_6.8.9.9-5+deb8u8_amd64.deb 265e1ee13b1087c128e4021b4e85523e6b6bd8a8 5006000 imagemagick-dbg_6.8.9.9-5
Accepted imagemagick 8:6.8.9.9-5+deb8u7 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 12 Feb 2017 22:08:25 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u7 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 848139 849439 851374 851376 851380 851381 851382 851383 851483 Changes: imagemagick (8:6.8.9.9-5+deb8u7) jessie-security; urgency=medium . * Fix Ipl file missing malloc check (Closes: #851483). Fix CVE-2016-10145. * Fix wpg file off by one (Closes: #851483). Fix CVE-2016-10145. * Fix a memory leak in caption coders (Closes: #851380). Fix CVE-2016-10146. * Fix possible buffer overflow when writing compressed TIFFS. (Closes: #848139). Fix CVE-2016-8707. * Fix a double free in profile due to overflow (Closes: #851383). Fix CVE-2017-5506. * Fix memory leak in MPC file handling (Closes: #851382). Fix CVE-2017-5507 * Fix Heap-Buffer-Overflow in TIFF coder (Closes: #851381). Fix CVE-2017-5508 * Fix improper cast that could cause an overflow. (Closes: #851374). Fix CVE-2017-5511. * Fix memory corruption heap overflow in psb file. (Closes: #851376). Fix CVE-2017-5510. * Detect write error in ReadGROUP4Image. (Closes: #849439). Fix CVE-2016-10062 Checksums-Sha1: c633df230fc93e33ff812832aa04e5df0703bd8c 4242 imagemagick_6.8.9.9-5+deb8u7.dsc 261284d5a1be12c8f536554d27b0fcfce1130234 262124 imagemagick_6.8.9.9-5+deb8u7.debian.tar.xz e598c929f7a1a2328d4acae7d6ffd97f6946dfa3 151388 imagemagick-common_6.8.9.9-5+deb8u7_all.deb dc10cfaabcfd57f8795d81118d9921b09d45a69e 7538144 imagemagick-doc_6.8.9.9-5+deb8u7_all.deb 07e6a3f17e9cdc6948e090d93a6d06296724e2a0 169860 libmagickcore-6-headers_6.8.9.9-5+deb8u7_all.deb d5a6051df4bae36d66121ff38c64f2f79e62670b 132036 libmagickwand-6-headers_6.8.9.9-5+deb8u7_all.deb e647306470b11810cb4ff655af058ae9a7358f2b 168548 libmagick++-6-headers_6.8.9.9-5+deb8u7_all.deb 5bc591fadca7d1258b9eb31828b6baeb872a1976 156816 imagemagick_6.8.9.9-5+deb8u7_amd64.deb 64fe3f440d44cd645fe50f578bfa031ee7bc663a 176028 libimage-magick-perl_6.8.9.9-5+deb8u7_all.deb ec9538a9d52ccc945ee1e44543719c6baa8c8747 130842 libmagickcore-6-arch-config_6.8.9.9-5+deb8u7_amd64.deb 06458102b6f3881f8b3a89a7f50cd6d6042a7ddd 510040 imagemagick-6.q16_6.8.9.9-5+deb8u7_amd64.deb f9a6283be0687db735624a9295de3aa97d1769dc 1693554 libmagickcore-6.q16-2_6.8.9.9-5+deb8u7_amd64.deb b73acd25a97204dce48afdfdfded71c34864b515 172196 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u7_amd64.deb bf5afcdc8a9fc58ddd7b2e1aa4b12edf4daee77e 1029416 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u7_amd64.deb aa2296b2a2df0b20c0b149b774f9bec15ebe3987 407454 libmagickwand-6.q16-2_6.8.9.9-5+deb8u7_amd64.deb 1bd7094340e7d9687aedb9ef114ecce0abae92fb 394394 libmagickwand-6.q16-dev_6.8.9.9
Accepted imagemagick 8:6.8.9.9-5+deb8u6 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 25 Nov 2016 21:45:37 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u6 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 840435 840437 845195 845196 845198 845202 845206 845212 845213 845242 845243 845244 845246 845634 Changes: imagemagick (8:6.8.9.9-5+deb8u6) jessie-security; urgency=medium . * Fix CVE-2016-7799: global buffer overflow. (Closes: #840437). * Fix CVE-2016-7906: use after free. (Closes: #840435). * Fix a TIFF file buffer overflow. (Closes: #845195). * Check return of fputc during TIFF file writing. (Closes: #845196). * Prevent buffer overflow by checking image extend for TIFF (Closes: #845198). * Avoid a out of bound read in VIFF file handler. (Closes: #845212 and LP: #1545183). * Avoid a DOS by not allowing too deep nested exception. (Closes: #845213). * Better check for buffer overflow in TIFF files handling. (Closes: #845202). * Fix CVE-2016-8677: memory allocate failure in AcquireQuantumPixels (Closes: #845206). * Prevent fault in MSL interpreter. (Closes: #845242). * Prevent heap buffer overflow in heap-buffer-overflow in IsPixelGray (Closes: #845242) * Fix null pointer dereference in TIFF file handling. (Closes: #845243). * Added check for invalid number of frames in mat file (Closes: #845244). * Fix an out of bound read in mat file due to insuffisant allocation. (Closes: #845246). * Fix CVE-2016-8862: memory allocation failure in AcquireMagickMemory (Closes: #845634). Checksums-Sha1: 8ea9abbc7a87d9b366a4af5d177470e917975c92 4210 imagemagick_6.8.9.9-5+deb8u6.dsc 8b82082973e6f27c02ba514a344290e551b6bb2d 260404 imagemagick_6.8.9.9-5+deb8u6.debian.tar.xz 5d9cd0f5e287984d3352d4ac4b1c0f3407a43b46 150970 imagemagick-common_6.8.9.9-5+deb8u6_all.deb 47347063f9daac522b44c124f800cfa1ef1090de 7668178 imagemagick-doc_6.8.9.9-5+deb8u6_all.deb 85ef6aef3c6fcc8c7ce559893b38d29cdce2bd07 169736 libmagickcore-6-headers_6.8.9.9-5+deb8u6_all.deb 495e289f8aa46a05154c0c47985ba62203f51973 132636 libmagickwand-6-headers_6.8.9.9-5+deb8u6_all.deb e9bbfc9b91cc27be745af823ceb92bd1d9bf65a3 168342 libmagick++-6-headers_6.8.9.9-5+deb8u6_all.deb acf9b8a04a91e77ca7dd7f2ef8b165306c7b22c3 157430 imagemagick_6.8.9.9-5+deb8u6_amd64.deb d810ebcb5ce46b31d1af5a26587b4ed8c7013ab7 175900 libimage-magick-perl_6.8.9.9-5+deb8u6_all.deb 7d5d2cecf87a365ccc9f78f76e3dab40f485b0c7 131464 libmagickcore-6-arch-config_6.8.9.9-5+deb8u6_amd64.deb ce0289347433f23d992c9c717b5558643879eefd 510056 imagemagick-6.q16_6.8.9.9-5+deb8u6_amd64.deb cefff776cd98e44dbeff00f397d766c53f06fac1 1694182 libmagickcore-6.q16-2_6.8.9.9-5+deb8u6_amd64.deb
Accepted imagemagick 8:6.8.9.9-5+deb8u5 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 21 Sep 2016 22:24:16 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u5 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 835488 836171 836172 836776 Changes: imagemagick (8:6.8.9.9-5+deb8u5) jessie-security; urgency=medium . * Bug fix: "Regression after security update to 8:6.8.9.9-5+deb8u4, unable to convert PDF files in PHP", thanks to Tommie Van Mechgelen (Closes: #835488). * Prevent buffer overflow in SIXEL, PDB, MAP, and CALS coders. (Closes: #836172). * Fix TIFF file divide by zero. (Closes: #836171). * Fix SGI file buffer overflow. (Closes: #836776). Checksums-Sha1: 59932c398863d9367ff32ad5de47a77ae9671fde 4228 imagemagick_6.8.9.9-5+deb8u5.dsc 410c73c318878c5522b630e3011f58f3a5ee5246 248320 imagemagick_6.8.9.9-5+deb8u5.debian.tar.xz a32e993e6058769b8d4f0ac94336f9948d007789 150998 imagemagick-common_6.8.9.9-5+deb8u5_all.deb bd43f4b0cf456bafe3273781287ac55ffe17fc23 7708780 imagemagick-doc_6.8.9.9-5+deb8u5_all.deb ad78ac43b311d63264f2ebbc8eac41d4fa33ea77 169344 libmagickcore-6-headers_6.8.9.9-5+deb8u5_all.deb ce2b7a7746271c0c06db4ee0e01d7ac5b839b688 132298 libmagickwand-6-headers_6.8.9.9-5+deb8u5_all.deb 86c92a3468d77998b27429e3e0b996ca877358dd 168238 libmagick++-6-headers_6.8.9.9-5+deb8u5_all.deb 9060c4d4b5fbb44fe5969a493ef01cf94922a06e 157152 imagemagick_6.8.9.9-5+deb8u5_amd64.deb 8dd8503a1ac9ba4c61d93d5239e1429c4b68c361 174948 libimage-magick-perl_6.8.9.9-5+deb8u5_all.deb e0eb7c36ef58f5ff81839e19211a2123f6981681 131130 libmagickcore-6-arch-config_6.8.9.9-5+deb8u5_amd64.deb 6df2e6c4124bf88dfb0fd594ba54f475c3246aa8 509904 imagemagick-6.q16_6.8.9.9-5+deb8u5_amd64.deb 1c4e9927d971b96831e905045b82fe1b6c6a301a 1685458 libmagickcore-6.q16-2_6.8.9.9-5+deb8u5_amd64.deb bfe4b107a4612186836672af59b2cd047d6173aa 171490 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u5_amd64.deb 811fc9961f526a05f6a4f246c85535dd5150cd0b 1028688 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u5_amd64.deb 38da4deb8355fa6701a6eec950a5ca6d77957519 405856 libmagickwand-6.q16-2_6.8.9.9-5+deb8u5_amd64.deb d2efb2f5e51c383a3256d4ee5ccc238fbaa21b7a 393812 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u5_amd64.deb d1239f3de09bd7d7303dcb6994bc0c2791291eac 255518 libmagick++-6.q16-5_6.8.9.9-5+deb8u5_amd64.deb 2657787c0ca5a64cecd1811124d865b9eaac534c 223242 libmagick++-6.q16-dev_6.8.9.9-5+deb8u5_amd64.deb e46a05b0437560fdd00a1e4250ca1ef98ccd26ea 5012910 imagemagick-dbg_6.8.9.9-5+deb8u5_amd64.deb 6b167fff9d0e3cca8022b7b2ffb230412fd14212 222382 libimage-magick-q16-perl_6.8.9.9-5+deb8u5_amd64.deb f1d30370e5c23dcffdd671161d93cbcd07e1cc7b 123526 perlmagick_6.8.9.9-5+deb8u5_all.deb d1131faae862a4c13753a9ad6ca76df06596d
Accepted imagemagick 8:6.8.9.9-5+deb8u4 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 16 Aug 2016 14:13:24 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u4 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 823750 827643 831034 832455 832457 832461 832464 832465 832467 832469 832474 832475 832478 832480 832482 832483 832504 832506 832633 832776 832780 832785 832787 832789 832791 832793 832885 832887 832888 832890 832942 832944 832968 833003 833042 833043 833044 833099 833101 833730 833732 833735 833743 833744 833812 834163 834183 834501 834504 Changes: imagemagick (8:6.8.9.9-5+deb8u4) jessie-security; urgency=medium . * Fix a few security problems (Closes: #823750): - Fix a off-by-one error leading to segfault (Closes: #832455). - Fix an out-of-bounds read in coders/psd.c (Closes: #832457, LP: #1533442). - Fix rle file handling for corrupted file (Closes: #832461, LP: #1533445) - Fix a buffer overflow in sun file handling (Closes: #832464). - Fix a potential DOS in sun file handling due to malformed files (Closes: #832465). - Fix multiple out of bound problem in rle, pict, viff and sun files (Closes: #832467, LP: #1533452, LP: #1533449, LP: #1533447, LP: #1533445). - Fix a heap overflow in hdr file handling (Closes: #832469, LP: #1537213). - Fix a heap buffer overflow in psd file handling (Closes: #832474, LP: #1537418). - Fix an out of bound access for malformed psd file (Closes: #832475, LP: #1537419). - Fix a meta file out of bound access (Closes: #832478, LP: #1537420) - Fix heap buffer overflow in psd file coder (Closes: #832480, LP: #1537424) - Fix an out of bound access in wpg file coder (Closes: #832482, LP: #1539050, LP: #1542115). - Fix out of bound access for viff file coder (Closes: #832483, LP: #1537425) - Fix an out of bound access in xcf file coder (Closes: #832504, LP: #1539051, LP: #1539052). - Fix out of bound in quantum handling (Closes: #832506, LP: #1539067, LP: #1539053). - Fix a pbd file out of bound access (Closes: #832633, LP: #1539061, LP: #1542112). - Fix handling of corrupted psd file (Closes: #832776, LP: #1539066). - Fix a wpg file out of bound for corrupted file (Closes: #832780, LP: #1542114). - Fix an out of bound access in generic decoder (Closes: #832785, LP: #1542785). - Fix an out of bound access for corrupted psd file (Closes: #832787, LP: #1545180). - Fix a SEGV reported in corrupted profile handling (Closes: #832789, LP: #1545367). - Fix an out of bound access for corrupted pdb file (Closes: #832791, LP: #1553366). - Fix a
Accepted imagemagick 8:6.8.9.9-5+deb8u1 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 09 Jan 2016 23:05:59 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u1 Distribution: stable Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 770009 806441 811308 Changes: imagemagick (8:6.8.9.9-5+deb8u1) stable; urgency=medium . * Fix build on mips by printing progress (Closes: #770009). * Fix a few security bugs: - A DOS on specially crafted MIFF file. - A DOS on specially crafted Vicar file. - A DOS on specially crafted HDR file. - A DOs on specially crafted PDB file. - Fix a Null dereference in coders/png.c (LP: #1492881). - Fix a double free in coders/tga.c (LP: #1490362). - Avoid a DOS for RLE file. - Avoid a bufer overflow by using field limit in sprintf. - Avoid a stack overflow in fx handling. - Fixed size of memory allocation in RLE coder to avoid segfault (LP: #1496649). - Add extra checks to avoid out of bounds error when parsing the 8bim profile. (LP: #1496645). - Fixed memory leak when reading incorrect PSD files (closes: #811308) http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28791 - Fix PixelColor off by one on i386.(closes: #811308) https://github.com/ImageMagick/ImageMagick/issues/54 - Fix out of bounds error in -splice operator. - Prevent null pointer access in magick/constitute.c (closes: #811308) https://github.com/ImageMagick/ImageMagick/pull/34 - Fix another memory leak in string handling. - Fix an integer overflow that can lead to a buffer overrun in the icon parsing code (LP: #1459747, closes: #806441) - Fix an integer overflow that can lead to a double free in pict parsing (LP: #1448803, closes: #806441). Checksums-Sha1: 86425dac023f208e852ac56e338cc7af6bfa5d7d 3880 imagemagick_6.8.9.9-5+deb8u1.dsc 4fe41325e3ecdeb5f9dce45a4dd0beaac8593cff 213760 imagemagick_6.8.9.9-5+deb8u1.debian.tar.xz f28e9727c5d00567d9b9921af78dabc6579582c9 148710 imagemagick-common_6.8.9.9-5+deb8u1_all.deb 84febc59b1ed31610c6160580fe70160103b168b 7573528 imagemagick-doc_6.8.9.9-5+deb8u1_all.deb b74ff0c6825a3957096aec98b2450ae967e6edd3 167250 libmagickcore-6-headers_6.8.9.9-5+deb8u1_all.deb c57bbea2bfc1804cb99ef143db3824c847bfdca6 130434 libmagickwand-6-headers_6.8.9.9-5+deb8u1_all.deb b3fb7e692d4533099ade747170ca8472f0247004 166072 libmagick++-6-headers_6.8.9.9-5+deb8u1_all.deb a25eb30bb761b38ca57130f9aa3e201988ca06bd 155334 imagemagick_6.8.9.9-5+deb8u1_amd64.deb 93f42ba11019df5f4b53597496843dc952887219 173784 libimage-magick-perl_6.8.9.9-5+deb8u1_all.deb 19a878f26614cc80ec6c537c5bf747497f7269d9 129206 libmagickcore-6-arch-config_6.8.9.9-5+deb8u1_amd64.deb abc11d6ef0d99e685bc1a89e377302ab10d6
Accepted imagemagick 8:6.7.7.10-5+deb7u3 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 02 Mar 2014 18:23:16 +0100 Source: imagemagick Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick Architecture: source amd64 all Version: 8:6.7.7.10-5+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libmagick++-dev - object-oriented C++ interface to ImageMagick - development files libmagick++5 - object-oriented C++ interface to ImageMagick libmagickcore-dev - low-level image manipulation library - development files libmagickcore5 - low-level image manipulation library libmagickcore5-extra - low-level image manipulation library - extra codecs libmagickwand-dev - image manipulation library - development files libmagickwand5 - image manipulation library perlmagick - Perl interface to the ImageMagick graphics routines Closes: 740250 Changes: imagemagick (8:6.7.7.10-5+deb7u3) wheezy-security; urgency=high . * Fix three security bugs (Closes: #740250): - Fix CVE-2014-1958 and CVE-2014-2030, two buffer overflow in psd file handling. - Fix CVE-2014-1947 a buffer overflow in log handling. Checksums-Sha1: 7ca2f8983151d492570588e0f76f34264f84909d 2533 imagemagick_6.7.7.10-5+deb7u3.dsc 632d2f7fd2bfc1917edee5e80fe8418de25e0112 140231 imagemagick_6.7.7.10-5+deb7u3.debian.tar.bz2 c6bb5eb3dfba8b0e9b58a68e0c7a8ca49b6e92bc 285022 imagemagick_6.7.7.10-5+deb7u3_amd64.deb 4a7ee5c660c3727915c8e87bd2a788d36467d5c1 6265726 imagemagick-dbg_6.7.7.10-5+deb7u3_amd64.deb 54e50ab8cf81cc6d71e03014c4a5a7d973f50e5c 128240 imagemagick-common_6.7.7.10-5+deb7u3_all.deb 1030266d429ded6ed8f3c239c31d133c68b395e2 5628084 imagemagick-doc_6.7.7.10-5+deb7u3_all.deb 1d9aabe104cd2315a527c8726c6d318e155c936a 2083462 libmagickcore5_6.7.7.10-5+deb7u3_amd64.deb 27d60fac510c3696f3395a97efafd0b7e75a3cf5 163674 libmagickcore5-extra_6.7.7.10-5+deb7u3_amd64.deb 6db7a9e4f830437821ca6276ae1974e000a756e8 1386404 libmagickcore-dev_6.7.7.10-5+deb7u3_amd64.deb bc6bf284cf46e59c0f5f66544841b7d94c001895 462178 libmagickwand5_6.7.7.10-5+deb7u3_amd64.deb a2bb35e2b8e91cb62553b4113deb84e6259d7663 544270 libmagickwand-dev_6.7.7.10-5+deb7u3_amd64.deb cfa0d78fe021746cbde09c6a3a1806f5874151b3 236492 libmagick++5_6.7.7.10-5+deb7u3_amd64.deb eefc165260a0426531d721f879bf88403ee59de9 284988 libmagick++-dev_6.7.7.10-5+deb7u3_amd64.deb 530dc0fa4efef729eaa5e539d34f33987a403af7 255662 perlmagick_6.7.7.10-5+deb7u3_amd64.deb Checksums-Sha256: 37bfc98a8901d1a36f982f6c929264f0c69df12e5fdb2e9a2b7767a9588c456c 2533 imagemagick_6.7.7.10-5+deb7u3.dsc da4928a5e7519e03bdc0d615b8a7eb916944c0fc819ea78a47fdc3ad36274298 140231 imagemagick_6.7.7.10-5+deb7u3.debian.tar.bz2 5e63f4878427176b3256beb57a8dba17a7ac83c109be8daac25d21485a3d937e 285022 imagemagick_6.7.7.10-5+deb7u3_amd64.deb b4218283cad3f9e7a6e5e7d0e29d451dc22e655e40f4a3236dbaf702c8041703 6265726 imagemagick-dbg_6.7.7.10-5+deb7u3_amd64.deb e6132bfbf1dc99e37addafce516631015b73d718475b8c06f5d17365df4b 128240 imagemagick-common_6.7.7.10-5+deb7u3_all.deb 6dc4c4de5b660c7c996726e607c48bcf8f4825fcf89c6a00c620236f27875db8 5628084 imagemagick-doc_6.7.7.10-5+deb7u3_all.deb 481703eaa22d94da6441e9a9251b0d2a65ca33da9502d8f883cb9391fa879300 2083462 libmagickcore5_6.7.7.10-5+deb7u3_amd64.deb 47f42a3ac4bd76d6ddb99c6b1c7767f37285d101aa9431d31942e0896c932079 163674 libmagickcore5-extra_6.7.7.10-5+deb7u3_amd64.deb 3fad6edcdfca9855079b316b56f4e16b91798e62c2710a44a59d3b204c81b5f5 1386404 libmagickcore-dev_6.7.7.10-5+deb7u3_amd64.deb 65fe21f5ad1e23836f9ec11f3306ec147013293148a8e960242fc776192713e1 462178 libmagickwand5_6.7.7.10-5+deb7u3_amd64.deb 8482135d9ca8ce0eaeca42cccd56e60267882650f5d90d17706463c6ef0052b7 544270 libmagickwand-dev_6.7.7.10-5+deb7u3_amd64.deb b7921ad4fbd1a172b771ce2f5c0ba51e15c47dcca683a009b522b91de33acbae 236492 libmagick++5_6.7.7.10-5+deb7u3_amd64.deb 37df3b1a8bc6d96ba16f4eda584a7a7578fc53321fefd856283b204fc2cb8ff8 284988 libmagick++-dev_6.7.7.10-5+deb7u3_amd64.deb fbab8675621a632ac85ee56d6d2a10705b3c1ec42c11524da36f45c58c4cd189 255662 perlmagick_6.7.7.10-5+deb7u3_amd64.deb Files: 9cb3c9b373e1a6020539db05b102 2533 graphics optional imagemagick_6.7.7.10-5+deb7u3.dsc 2cc08ff3173ef7bd36f1bc3fce51becd 140231 graphics optional imagemagick_6.7.7.10-5+deb7u3.debian.tar.bz2 3c5fd2802fe91372394583d8310ed137 285022 graphics optional imagemagick_6.7.7.10-5+deb7u3_amd64.deb 5386f00c82f3fe0bcb031a2305e604c0 6265726 debug extra imagemagick-dbg_6.7.7.10-5+deb7u3_amd64.deb 6d33b9c34263ccf26babcb7757f90c5a 128240 graphics optional imagemagick